Posted: Sun Apr 22, 2012 23:07 Post subject: PPTP vs. OpenVPN + Config Problems
All I want to do is run a VPN on my E4200 so I can connect with my iPhone to my home network. I want to be able to tunnel traffic via my phone over 3G to access my home network.
I don't know too much about VPNs but I've read that PPTP isn't as secure as OpenVPN. I setup PPTP and it seemed to run fine on my phone.
Before I start to explain my OpenVPN problems I am wondering if it is even worth it to try and get OpenVPN to work for my needs. Do I really need all that security for a simple home network with 1 VPN client?
So here's what I'm doing with my OpenVPN configuration. My iPhone is jailbroken so I was able to install an OpenVPN client called GuizmoVPN. I read through tutorials and got the OpenVPN server up. As far as server mode it seems like "Router (TUN)" should be ok, correct?
The problem is when I enable the VPN and try to push all my traffic through it, my internet connection on my phone does not work anymore. "Redirect Default Gateway" is enabled on the server. Is there some other setting I need to change server side to get this work. Firewall setting? I thought it might be a DNS problem so I added the push "dhcp-option DNS 8.8.8.8" for Google's DNS servers.
Server settings are attached below.
Client config:
client
dev tun
proto udp
remote xx.xxx.xxx.xx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert iphone.crt
key iphone.key
ns-cert-type server
cipher aes-128-cbc
comp-lzo
verb 3
auth sha256
tun-mtu 1500
Posted: Tue May 01, 2012 16:43 Post subject: Redirect Gateway
Disable the Redirect Gateway option and that'll fix your internet issues. I had the same exact problem with my OpenVPN solution on my E4200.
Haven't figured out how to allow traffic to successfully redirect to gateway since it appears as though the DHCP server that gets assigned to the netmask is a DHCP server that doesn't exist...
Posted: Wed May 02, 2012 1:46 Post subject: Re: Redirect Gateway
aptitudeforums wrote:
Disable the Redirect Gateway option and that'll fix your internet issues. I had the same exact problem with my OpenVPN solution on my E4200.
Haven't figured out how to allow traffic to successfully redirect to gateway since it appears as though the DHCP server that gets assigned to the netmask is a DHCP server that doesn't exist...
This thread was another vote for 16773, so that's what I went with and now no more redirected gateway problem (LZO compression, as mentioned in the second thread, needs to be off for whatever reason):
http://www.dd-wrt.com/phpBB2/viewtopic.php?p=672338
You don't even need any firewall rules, as that's taken care of for you, at least when using the GUI OpenVPN method.